Malicious code is not difficult to find these days, even for OT, IoT and other embedded and unmanaged devices. Public exploit proofs-of-concept (PoCs) for IP camera vulnerabilities are routinely used by Chinese APTs, popular building automation devices are targeted by hacktivists and unpatched routers used for Russian espionage.

The digital world has brought advancements in all sorts of life. The applications communicate with each other over the internet to deliver effective service. API is an application language that interacts with the application server to extract the client’s intended information and produce it readable. It is estimated that the global API market will reach about 13.7 billion US dollars by 2027. This user-friendly software makes the business organization widely adopt it to enhance their growth.

Our team has been hard at work creating updates and new features just for you, see what we’ve been up to over the last month.

One often-overlooked risk in the bustling ecosystem of open-source software are vulnerabilities introduced through software dependencies. We mention this because today, a malicious actor took over a RubyGems package name with more than two million downloads. Mend.io technology detected the package before it could be used for an attack, but the case of ‘gemnasium-gitlab-service‘ serves as an important reminder of the risk of neglecting dependency management.

The AWS cloud platform is one of the most used cloud platforms in the world. It gives companies a level of flexibility with its myriad of uses but it is not without its own challenges, namely, maintaining security.

As cloud adoption continues to grow, periodic cloud security risk assessments should be high on your organization’s priority list.

Amazon Security Lake is a new service from Amazon Web Services (AWS) that is designed to help organizations improve their security posture by automating the collection, normalization, and consolidation of security-related log and event data from integrated AWS services and third-party services (Source Partners). By centralizing all the security data in a single location, organizations can gain greater visibility and identify potential threats more quickly.

CrowdStrike has pioneered the use of artificial intelligence (AI) since we first introduced AI-powered protection to replace signature-based antivirus over 10 years ago, and we’ve continued to deeply integrate it across our platform since. We combine the best in technology with the best of human expertise to protect customers and stop breaches.

Cloud Native Application Protection Platforms – or CNAPP solutions – are steadily gaining traction as the best solutions to address Cloud Native security. Regardless of your cloud adoption maturity (whether you’re PoC-ing some services in the cloud, running a few applications, or fully embracing this new era), We’re sure you have likely already noticed that cloud-native security is different from IT-managed data center security. But how exactly is it different?